The certificate being "untrusted" doesn't mean anything about security. It just mean that they have signed it themselves and that no central authorities that you are supposed to trust for whatever reasons has signed it for them. All you want here is an encrypted communication, and you get that with the self-signed certificate as well.
Yes, you get encrypted communication all the way to the person intercepting your internet traffic, and they have an encrypted channel to the server they are relaying your traffic to.
Encrypted communication is not very useful if you aren't sure who you are communicating with. Using a self-signed cert greatly increases this uncertainty.
I would agree with you entirely if I had more reasons to transitively trust the root certificates authorities than to trust the people I believe are building the website, because in reality I don't know any of them. Certificate authority getting hacked and issuing trusted certificates to not trust worthy people have happened already. You may say that you still put more confidence in a certificate that is transitively trusted by those your browser and / or OS vendor chose for you, but why? The SSL certificate system as it is now is highly unsatisfactory to me. I would prefer something decentralized like the GPG trust network.
No. Without a trusted authority or some other means to verify that the self-signed certificate is indeed coming from the site, there is effectively no security because it is trivial to launch a MITM attack.
For some definition of trivial. But you're right, it's not that simple (see below¹, I need to rant first). It's just that it upset me so much each time Firefox (or whatever browser, they all do it) load a webpage with a self-signed certificate and it acts like if I was attacked and my security is compromised or something… It's not worse than HTTP without SSL so why make me click two times like if I don't know what I'm doing? Nowadays it's more easy to do phishing in plain HTTP than in HTTPS: it's stupid.
¹ Actually it depends on your threat-model. If you assume that the first time you connect to the site there is no MITM (like we all do with SSH connections, don't tell me you always double check the fingerprint of the box you are SSHing to for the first time ;-)), then it is okay to trust the certificate as long as it doesn't change.
Sorry, but I think Firefox is doing exactly the right thing (by default) here. If you want it to do something else, I'd imagine there's a setting you can override somewhere.
In practice it is worse than no SSL because it provides a false sense of security to users who have been trained that HTTPS = secure.
